Privacy Policy

Last updated: March 19, 2026

1. Who We Are

Ciklek, Inc. ("Ciklek", "we", "our", or "us") provides managed blade sharpening and parts-management services for commercial food service and manufacturing businesses. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our services, website, customer portal, or mobile application.

Contact: privacy@ciklek.com

2. Information We Collect

Account & Contact Information

  • Business name, contact name, email address, phone number
  • Billing address and shipping / pickup address
  • Payment method (processed by Stripe — we do not store raw card numbers)

Service Data

  • Blade / part inventory: QR codes, wear history, service cycle records
  • Service orders, pickup schedules, route data
  • Invoices, payment records, service history
  • Support tickets and communications

Usage & Technical Data

  • IP address, browser type, device identifiers
  • Log data: pages visited, API calls, timestamps
  • Cookies and session tokens (see Section 6)

3. How We Use Your Information

  • Provide and improve our blade management and logistics services
  • Send order confirmations, service updates, and invoices
  • Process payments via Stripe
  • Send service reminders and operational alerts via email and SMS
  • Comply with legal obligations (invoicing, tax, 7-year financial record retention)
  • Detect and prevent fraud or unauthorized access
  • Respond to support requests

We do not sell your personal information to third parties.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA):

  • Contract performance — processing necessary to deliver our services
  • Legal obligation — financial record retention, tax compliance
  • Legitimate interests — fraud prevention, security, service improvement
  • Consent — marketing communications (you may withdraw at any time)

5. Data Sharing & Sub-processors

We share data only with service providers necessary to operate Ciklek:

Sub-processor Purpose Location
StripePayment processingUS / EU
SupabaseDatabase hostingUS
AWS (SES / S3)Email delivery & file storageUS
TwilioSMS notificationsUS
ClerkAuthenticationUS

6. Cookies

We use strictly necessary cookies to maintain your authenticated session. We do not use advertising cookies or sell browsing data. You may disable cookies in your browser, but this will prevent login.

7. Data Retention

  • Active account data: retained while your account is active
  • Financial records (invoices, payments): 7 years after transaction date
  • Support tickets: 3 years
  • Deleted account PII: anonymized within 30 days of verified deletion request

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access — request a copy of your personal data
  • Portability — receive your data in a structured format
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your personal data (subject to legal retention)
  • Opt-out of sale — we do not sell personal data (CCPA)
  • Non-discrimination — exercising rights will not affect your service (CCPA)

To exercise these rights, visit your portal settings or email privacy@ciklek.com. We will respond within 30 days (45 days for complex CCPA requests).

9. Security

We use industry-standard measures including TLS encryption in transit, AES-256 encryption at rest, row-level security on our database, and role-based access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

10. Contact Us

Ciklek, Inc. — Privacy Office
Email: privacy@ciklek.com
For EEA residents: you may also lodge a complaint with your local data protection authority.